EIP-2026-116078

PRE-CVE

PMSoftware Simple Web Server 2.1 - 'From:' Header Processing Remote Denial of Service

Title source: legacy
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-116078. PoCs published by Rodrigo Escobar.

AI-analyzed exploit summary The exploit demonstrates a denial-of-service (DoS) vulnerability in PMSoftware Simple Web Server 2.1 by flooding the server with TCP connections or HTTP requests with malformed 'From' headers. The first script establishes multiple TCP connections, while the second sends HTTP requests with incrementing byte values in the 'From' header to trigger the DoS.

Description

PMSoftware Simple Web Server 2.1 - 'From:' Header Processing Remote Denial of Service

Exploits (1)

exploitdb WORKING POC VERIFIED
by Rodrigo Escobar · perldoswindows
https://www.exploit-db.com/exploits/34395

The exploit demonstrates a denial-of-service (DoS) vulnerability in PMSoftware Simple Web Server 2.1 by flooding the server with TCP connections or HTTP requests with malformed 'From' headers. The first script establishes multiple TCP connections, while the second sends HTTP requests with incrementing byte values in the 'From' header to trigger the DoS.

Classification
Working Poc 95%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: PMSoftware Simple Web Server 2.1
No auth needed
Prerequisites: Network access to the target server · Target server running PMSoftware Simple Web Server 2.1
devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve
Tracked Since Feb 18, 2026